<?php
/**
 * @author leon
 *
 */
class login{
	private $sessionToken;
	public function __construct($nickname, $password){
		$database = new Database;
		$this->sessionToken = login::createToken();
		$database->query("
			UPDATE ".User::sqlTable." 
			SET sessiontoken = '".$database->connection->real_escape_string($this->sessionToken)."'
			WHERE nickname = '".$database->connection->real_escape_string($nickname)."' 
			AND password = '".$database->connection->real_escape_string($password)."'"
		);
		if(login::loginstate($this->sessionToken)){ 	//set cookie, show userpage
			setcookie(User::cookie, $this->sessionToken);
			new Easyshopping(new User($this->sessionToken));
		}else{ 											//show loginform again
			login::form("<p>Falsche Benutzerdaten.</p>");
		}
	}
	/**
	 * @return unknown_type
	 */
	public static function createToken(){
		return md5(mt_rand());
	}
	/**
	 * @param $sessionToken
	 * @return unknown_type
	 */
	public static function loginstate($sessionToken){
		$database = new Database;
		$sqlQuery = $database->query("
			SELECT id FROM ".User::sqlTable." 
			WHERE sessionToken = '".$database->connection->real_escape_string($sessionToken)."'"
		);
		return  $sqlQuery ? $sqlQuery->num_rows : 0;
	}
	public static function form($message = null){
		//call dom and xslt template
		$domDoc = DomExtension::XSLTProcess(
			DOMDocument::loadXML("
				<root>
					<nickname>".$_POST["nickname"]."</nickname>
					<message>$message</message>
				</root>
			"),
			DOMDocument::load(XML_DIR."login.xsl")
		);
		echo $domDoc->saveXML();
	}
}
class register{
	private $database;
	public function __construct($arrData){
		$this->database = new Database;
		//create user with given data, check for wrong inputs, if everything is ok: create token
		//username well formed and not exists? 
		$registered = false;
		if(register::checkUsernameSpell($arrData[nickname]) == 0 && 
			register::checkUsernameExist($arrData[nickname]) == 0){
			//no empty data field?
			if(register::isDataNotEmpty($arrData)){
				//TODO: check location in map api
				$arrData[password] = md5($arrData[password]);
				$this->createUser($arrData);
				$registered = true;
			}else{
				$arrData[message] = "<p>Missing data.</p>";
			}
		}else{
			$arrData[message] = "<p>Please chose another nickname.</p>";
		}
		if($registered){ 								//login and show page...
			new login($arrData[nickname], $arrData[password]);
		}else{ 											//show registerform again
			register::form($arrData);
		}
	}
	private function createUser($arrData){
		$sqlString = "INSERT INTO ".User::sqlTable." SET ";
		while(list($key, $val) = each($arrData)){
			$sqlSet .= "$key = '".$this->database->connection->real_escape_string($val)."', ";
		}
		$sqlString .= trim($sqlSet, ", ");
		User::createTable();
		$this->database->query($sqlString);
	}
	public static function isDataNotEmpty($arrData){
		$full = true;
		foreach($arrData as $data){
			if($data == "" || $data == NULL) $full = false;
		}
		return $full;
	}
	public static function checkUsernameSpell($nickname){
		return preg_match("(\W)", $nickname);
	}
	public static function checkUsernameExist($nickname){
		$sqlQuery = $this->database->query("
			SELECT id FROM ".User::sqlTable." 
			WHERE nickname = '".$this->database->connection->real_escape_string($nickname)."'"
		);
		return  $sqlQuery ? $sqlQuery->num_rows : 0;
	}
	public static function form($arrData = array()){
		//check old, wrong data
		//call dom and xslt template
		$arrData["password"] = ""; //delete pass
		$domDoc = DomExtension::XSLTProcess(
			DOMDocument::loadXML(register::arrToXML($arrData)),
			DOMDocument::load(XML_DIR."register.xsl")
		);
		echo $domDoc->saveXML();
	}
}